Which of the following is not a defense against a traffic substitution and insertion attack?
A. Unicode de-obfuscation
B. Using Unicode instead of ASCII
C. Adopting the format changes
D. Properly processing extended characters
What type of attack is done when the attacker tries to create rogue access points so as to gain access to the network or steal information?
A. SSID injection
B. Evil twin
C. War driving
D. LWAP injection
Which of the following is an attack where threat actors can attack hosts, switches, and routers connected to your Layer 2 network by poisoning the ARP caches of systems connected to the subnet and by intercepting traffic intended for other hosts on the subnet?
A. ARP cache injection
B. ARP cache poisoning
C. DHCP snooping
D. ARP snooping
Cisco switches support a feature that validates ARP packets and intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. What is this feature called?
A. DHCP cache snooping
B. ARP cache poisoning
C. ARP cache snooping
D. Dynamic ARP inspection
Which of the following is when the attacker sends traffic slower than normal, not exceeding thresholds inside the time windows the signatures use to correlate different packets together?
A. Traffic insertion
B. Protocol manipulation
C. Traffic fragmentation
D. Timing attack
Which of the following would give an IPS the most trouble?
A. Jumbo packets
B. Encryption
C. Throughput
D. Updates
Which type of attack is when an IPS receives a lot of traffic/packets?
A. Resource exhaustion
B. DoS (denial of service)
C. Smoke and mirrors
D. Timing attack
Which of the following is a methodology used by attackers to find wireless access points wherever they may be?
A. War driving
B. Wireless LWAP scanning
C. Wireless driving
D. Wireless Aironet scanning
Which of the following is a type of web application vulnerability where malicious scripts are injected into legitimate and trusted websites?
A. Buffer overflow
B. Cross-site scripting (XSS)
C. Cross-site injection (XSI)
D. SQL injection
Which of the following is a type of vulnerability that attackers can exploit to read sensitive data from the database, modify or delete database data, execute administration operations on the database, and even issue commands to the operating system?
A. SQL injection
B. SQL buffer overflow
C. SQL drop
D. SQL bomb
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 210-250 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.